CVE-2020-28469

Опубликовано: 03 июн. 2021

Источник: debian

Описание

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

Пакет	Статус	Версия исправления	Релиз	Тип
node-glob-parent	fixed	5.1.1+~5.1.0-2		package
node-glob-parent	fixed	3.1.0-1+deb10u1	buster	package
node-glob-parent	end-of-life		stretch	package

https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
https://github.com/gulpjs/glob-parent/commit/f9231168b0041fea3f8f954b3cceb56269fc6366

CVE-2020-28469

CVSS3: 5.3

ubuntu

около 4 лет назад

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

CVE-2020-28469

CVSS3: 7.5

redhat

больше 4 лет назад

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

CVE-2020-28469

CVSS3: 5.3

nvd

около 4 лет назад

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

GHSA-ww39-953v-wcq6

CVSS3: 7.5

github

около 4 лет назад

glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex

RLSA-2021:5171

rocky

больше 3 лет назад

Moderate: nodejs:16 security, bug fix, and enhancement update